<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
 "http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<title>CURLOPT_SSL_OPTIONS man page</title>
<meta name="generator" content="roffit">
<STYLE type="text/css">
pre {
  overflow: auto;
  margin: 0;
}

P.level0, pre.level0 {
 padding-left: 2em;
}

P.level1, pre.level1 {
 padding-left: 4em;
}

P.level2, pre.level2 {
 padding-left: 6em;
}

span.emphasis {
 font-style: italic;
}

span.bold {
 font-weight: bold;
}

span.manpage {
 font-weight: bold;
}

h2.nroffsh {
 background-color: #e0e0e0;
}

span.nroffip {
 font-weight: bold;
 font-size: 120%;
 font-family: monospace;
}

p.roffit {
 text-align: center;
 font-size: 80%;
}
</STYLE>
</head><body>

<p class="level0"><a name="NAME"></a><h2 class="nroffsh">NAME</h2>
<p class="level0">CURLOPT_SSL_OPTIONS - set SSL behavior options <a name="SYNOPSIS"></a><h2 class="nroffsh">SYNOPSIS</h2>
<p class="level0">&#35;include &lt;curl/curl.h&gt; 
<p class="level0">CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSL_OPTIONS, long bitmask); <a name="DESCRIPTION"></a><h2 class="nroffsh">DESCRIPTION</h2>
<p class="level0">Pass a long with a bitmask to tell libcurl about specific SSL behaviors. 
<p class="level0"><span Class="emphasis">CURLSSLOPT_ALLOW_BEAST</span> tells libcurl to not attempt to use any workarounds for a security flaw in the SSL3 and TLS1.0 protocols.  If this option isn't used or this bit is set to 0, the SSL layer libcurl uses may use a work-around for this flaw although it might cause interoperability problems with some (older) SSL implementations. WARNING: avoiding this work-around lessens the security, and by setting this option to 1 you ask for exactly that. This option is only supported for DarwinSSL, NSS and OpenSSL. 
<p class="level0">Added in 7.44.0: 
<p class="level0"><span Class="emphasis">CURLSSLOPT_NO_REVOKE</span> tells libcurl to disable certificate revocation checks for those SSL backends where such behavior is present. <span class="bold">Currently this option is only supported for WinSSL (the native Windows SSL library), with an exception in the case of Windows' Untrusted Publishers blacklist which it seems can't be bypassed.</span> This option may have broader support to accommodate other SSL backends in the future. <a href="http://curl.haxx.se/docs/ssl-compared.html">http://curl.haxx.se/docs/ssl-compared.html</a> 
<p class="level0">
<p class="level0"><a name="DEFAULT"></a><h2 class="nroffsh">DEFAULT</h2>
<p class="level0">0 <a name="PROTOCOLS"></a><h2 class="nroffsh">PROTOCOLS</h2>
<p class="level0">All TLS-based protocols <a name="EXAMPLE"></a><h2 class="nroffsh">EXAMPLE</h2>
<p class="level0">TODO <a name="AVAILABILITY"></a><h2 class="nroffsh">AVAILABILITY</h2>
<p class="level0">Added in 7.25.0 <a name="RETURN"></a><h2 class="nroffsh">RETURN VALUE</h2>
<p class="level0">Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not. <a name="SEE"></a><h2 class="nroffsh">SEE ALSO</h2>
<p class="level0"><a Class="manpage" href="./CURLOPT_SSLVERSION.html">CURLOPT_SSLVERSION</a>, <a Class="manpage" href="./CURLOPT_SSL_CIPHER_LIST.html">CURLOPT_SSL_CIPHER_LIST</a><p class="roffit">
 This HTML page was made with <a href="http://daniel.haxx.se/projects/roffit/">roffit</a>.
</body></html>
